threejs-performance

Pass

Audited by Gen Agent Trust Hub on Jul 3, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The documentation suggests installing the @gltf-transform/cli tool from the npm registry for asset optimization. This is a widely recognized community-standard tool for processing 3D models.
  • [EXTERNAL_DOWNLOADS]: The resource loading examples include a reference to Google's public gstatic CDN for hosting Draco mesh decoders (https://www.gstatic.com/draco/versioned/decoders/1.5.6/). This is a well-known and trusted service used by Three.js applications to fetch compression libraries.
  • [COMMAND_EXECUTION]: Provides informational shell commands for using gltf-transform to compress 3D models. These commands are intended for the developer to use manually and are not executed automatically by the agent.
  • [SAFE]: The skill includes code snippets for performance monitoring and scene management using standard libraries such as stats-gl, lil-gui, and r3f-perf. No malicious behaviors, obfuscation, or unauthorized data access were detected in the instructional content or referenced code examples.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 3, 2026, 06:12 AM
Security Audit — agent-trust-hub — threejs-performance